Lucene search

[email protected]NVD:CVE-2012-2190

HistoryAug 21, 2012 - 10:46 a.m.

CVE-2012-2190

2012-08-2110:46:10

CWE-310

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.0%

JSON

IBM Global Security Kit (aka GSKit), as used in IBM HTTP Server in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.4, and 8.5.x before 8.5.0.1, allows remote attackers to cause a denial of service (daemon crash) via a crafted ClientHello message in the TLS Handshake Protocol.

Affected configurations

NVD

Node

ibmwebsphere_application_serverMatch6.1.0

ibmwebsphere_application_serverMatch6.1.0.0

ibmwebsphere_application_serverMatch6.1.0.1

ibmwebsphere_application_serverMatch6.1.0.2

ibmwebsphere_application_serverMatch6.1.0.3

ibmwebsphere_application_serverMatch6.1.0.5

ibmwebsphere_application_serverMatch6.1.0.7

ibmwebsphere_application_serverMatch6.1.0.9

ibmwebsphere_application_serverMatch6.1.0.11

ibmwebsphere_application_serverMatch6.1.0.12

ibmwebsphere_application_serverMatch6.1.0.15

ibmwebsphere_application_serverMatch6.1.0.17

ibmwebsphere_application_serverMatch6.1.0.19

ibmwebsphere_application_serverMatch6.1.0.21

ibmwebsphere_application_serverMatch6.1.0.23

ibmwebsphere_application_serverMatch6.1.0.25

ibmwebsphere_application_serverMatch6.1.0.27

ibmwebsphere_application_serverMatch6.1.0.29

ibmwebsphere_application_serverMatch6.1.0.31

ibmwebsphere_application_serverMatch6.1.0.33

ibmwebsphere_application_serverMatch6.1.0.35

ibmwebsphere_application_serverMatch6.1.0.37

ibmwebsphere_application_serverMatch6.1.0.39

ibmwebsphere_application_serverMatch6.1.0.41

ibmwebsphere_application_serverMatch6.1.0.43

Node

ibmwebsphere_application_serverMatch7.0

ibmwebsphere_application_serverMatch7.0.0.1

ibmwebsphere_application_serverMatch7.0.0.2

ibmwebsphere_application_serverMatch7.0.0.3

ibmwebsphere_application_serverMatch7.0.0.4

ibmwebsphere_application_serverMatch7.0.0.5

ibmwebsphere_application_serverMatch7.0.0.6

ibmwebsphere_application_serverMatch7.0.0.7

ibmwebsphere_application_serverMatch7.0.0.8

ibmwebsphere_application_serverMatch7.0.0.9

ibmwebsphere_application_serverMatch7.0.0.11

ibmwebsphere_application_serverMatch7.0.0.13

ibmwebsphere_application_serverMatch7.0.0.15

ibmwebsphere_application_serverMatch7.0.0.17

ibmwebsphere_application_serverMatch7.0.0.19

ibmwebsphere_application_serverMatch7.0.0.21

ibmwebsphere_application_serverMatch7.0.0.23

Node

ibmwebsphere_application_serverMatch8.0.0.0

ibmwebsphere_application_serverMatch8.0.0.1

ibmwebsphere_application_serverMatch8.0.0.2

ibmwebsphere_application_serverMatch8.0.0.3

Node

ibmwebsphere_application_serverMatch8.5.0.0

References

www-01.ibm.com/support/docview.wss?uid=swg1PM66218

www-01.ibm.com/support/docview.wss?uid=swg21606096

exchange.xforce.ibmcloud.com/vulnerabilities/75994

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.0%

JSON

Related for NVD:CVE-2012-2190

prion1 cvelist1 seebug1 cve1 ibm11 openvas1 nessus8